Privacy Policy
1. Who We Are
BahnIQ ("we," "us," or "our") operates the BahnIQ Highway Capacity Intelligence Platform at bahniq.com. This Privacy Policy applies to all users of our website, platform, and related services (collectively, the "Service"), including visitors who browse the public website, registered account holders, and authorized users acting on behalf of government agencies or organizations.
BahnIQ is a professional-grade tool designed for use by state and local transportation agencies, metropolitan planning organizations, and engineering consultants. Our handling of information reflects the standards and expectations appropriate to that institutional context.
If you have questions about this Policy or how we handle your data, please contact us at privacy@bahniq.com.
2. Information We Collect
2.1 Information You Provide Directly
| Type | Examples | When collected |
|---|---|---|
| Account information | Full name, work email address, organization name, job title | When you register or update your profile |
| Authentication credentials | Hashed password; Google OAuth token (if signing in via Google) | When you create an account or sign in |
| Payment information | Billing address, card type, last 4 digits of card number, payment status | When you subscribe to a paid plan (full card numbers are processed exclusively by Stripe and never stored on BahnIQ servers) |
| Project and engineering data | Highway segment definitions, lane configurations, traffic volume counts, speed data, geometric inputs, uploaded CSV and data files | When you use the platform to create, run, or save analyses |
| Demo and contact requests | Name, email, agency name, message text, preferred contact time | When you submit a contact or demo request form |
| Support communications | Email content, attachments, chat transcripts | When you contact our support team |
| Feedback and survey responses | Feature requests, satisfaction ratings, written feedback | When you voluntarily respond to in-product surveys or feedback prompts |
2.2 Information Collected Automatically
| Type | Details |
|---|---|
| Server log data | IP address, HTTP method, requested URL, HTTP status code, response size, referrer URL, browser user-agent string, and timestamps for each request |
| Device and browser information | Browser name and version, operating system name and version, screen resolution, time zone |
| Platform usage data | Features accessed, analysis types run, segment counts, export actions taken, session duration, navigation paths within the application |
| Authentication events | Login timestamps, logout events, failed authentication attempts, token refresh activity (managed through Firebase Authentication) |
| Error and diagnostic data | Application errors, API failure codes, performance timing data collected to identify and resolve bugs |
| Cookies and similar technologies | Session authentication state; see Section 6 for full details |
2.3 Information We Do Not Collect
We do not collect social security numbers, government-issued ID numbers, health information, precise geolocation data from end-user devices, or any data categories classified as sensitive under applicable privacy law, unless you explicitly provide such information in a support communication or uploaded file.
3. How We Use Your Information
We use the information we collect for the following purposes, each grounded in a legitimate operational or legal basis:
- Account creation and authentication — to create and maintain your account, verify your identity, and manage your session
- Service delivery — to receive your input data, run engineering analyses, store and display your project results, and generate output reports
- Subscription and billing management — to process payments, manage plan entitlements, handle trial periods, and issue invoices through Stripe
- Transactional communications — to send account registration confirmations, subscription receipts, payment failure notices, trial expiry reminders, and security alerts
- Product communications — to notify you of significant feature updates, new capabilities, or changes to the Service (you may opt out of non-essential communications at any time)
- Service improvement — to analyze usage patterns, identify performance bottlenecks, understand feature adoption, and prioritize product development
- Security and fraud prevention — to detect and investigate unauthorized access attempts, abuse patterns, or violations of our Terms of Service
- Customer support — to respond to your questions, investigate reported issues, and maintain a record of support interactions
- Legal compliance — to comply with applicable federal and state laws, respond to lawful subpoenas or court orders, and enforce our contractual rights
We do not use your project data or engineering inputs to train machine learning models, benchmark our algorithms against third-party datasets, or share with any external party for research or commercial purposes.
4. Legal Basis for Processing (GDPR / UK GDPR)
If you access the Service from the European Economic Area (EEA) or the United Kingdom, we are required to identify the legal basis under which we process your personal data. We rely on the following bases:
- Performance of a contract (Article 6(1)(b) GDPR) — processing your account data, project data, and payment information is necessary to provide the Service you signed up for and to fulfill our contractual obligations to you
- Legitimate interests (Article 6(1)(f) GDPR) — we process log data, usage data, and diagnostic data to maintain the security, integrity, and performance of the Service. Our legitimate interests do not override your rights where you have a reasonable expectation of privacy
- Consent (Article 6(1)(a) GDPR) — where we send optional marketing or product newsletters, we do so on the basis of your consent. You may withdraw consent at any time by clicking the unsubscribe link in any such communication or by contacting us at privacy@bahniq.com
- Compliance with a legal obligation (Article 6(1)(c) GDPR) — we retain certain billing and transactional records for the periods required by applicable tax and financial regulations
4.1 Legitimate Interests Assessment
Where we rely on legitimate interests as a legal basis for processing, we have conducted a balancing test to assess that our interests do not override your fundamental rights and freedoms. Specifically:
- Security monitoring and log analysis — we have a legitimate interest in detecting and preventing unauthorized access, abuse, and fraud. Users of a professional platform have a reasonable expectation that the service will be secured, and server log analysis is a proportionate and standard means of achieving this. The volume of data processed is limited and is not used for any other purpose.
- Product analytics — we have a legitimate interest in understanding how the Service is used in order to improve it. We limit collection to behavioral metadata (features used, session duration, analysis types run) and do not profile individual users or link this data to external datasets. Users have the ability to object to this processing.
- Fraud and abuse prevention — we have a legitimate interest in preventing misuse of the platform, including credential stuffing, scraping, and unauthorized sharing of accounts. Detection mechanisms are limited to activity patterns and do not involve content-level surveillance of project data.
You may object to processing based on legitimate interests at any time by contacting privacy@bahniq.com. We will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where processing is necessary for the establishment, exercise, or defense of legal claims.
5. Sharing of Information
We do not sell, rent, or trade your personal data. We share information only in the following limited circumstances:
5.1 Sub-Processors and Service Providers
We use the following categories of trusted third-party vendors who process data strictly on our behalf and under data processing agreements:
| Vendor / Category | Purpose | Data Shared |
|---|---|---|
| Firebase / Google Cloud (Google LLC) | User authentication, identity management, secure token issuance | Email address, display name, authentication identifiers |
| Stripe, Inc. | Payment processing, subscription management, invoicing | Email address, billing address, payment method metadata (Stripe handles full card data directly) |
| Web hosting provider (cPanel / LiteSpeed) | Web server infrastructure, file storage, SSL termination | All data stored on the server (access restricted to authorized personnel only) |
| Email delivery provider | Transactional email delivery (account notifications, invoices) | Email address, email content of transactional messages |
All sub-processors are contractually obligated to process personal data only for the specified purpose, implement appropriate technical and organizational security measures, and not disclose data to any additional parties without our authorization.
5.2 Legal Requirements
We may disclose your information when we believe in good faith that disclosure is required or permitted by law, including in response to a valid subpoena, court order, regulatory inquiry, or governmental request. Where legally permissible, we will notify you before disclosing your information in response to such a request.
5.3 Protection of Rights
We may disclose information where we reasonably believe it is necessary to investigate, prevent, or take action regarding illegal activity, suspected fraud, threats to the physical safety of any person, or violations of our Terms of Service.
5.4 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will provide reasonable notice to registered users, and the acquiring entity will be required to honor this Privacy Policy or provide comparable protections.
5.5 With Your Consent
We may share your information for any other purpose with your explicit prior consent.
6. Cookies and Similar Technologies
We use a minimal, strictly functional set of cookies. We do not use third-party advertising cookies, behavioral tracking cookies, or cross-site analytics networks.
6.1 Cookies We Set
| Cookie | Purpose | Duration | Category |
|---|---|---|---|
| Firebase auth/session storage | Maintains your signed-in session and refresh lifecycle for authenticated areas of the Service | Managed by Firebase and cleared on sign-out or session expiry | Strictly necessary |
6.2 Cookies We Do Not Use
We do not set or permit third-party advertising cookies, retargeting pixels, cross-site tracking cookies, social media tracking pixels, or persistent analytics cookies (such as Google Analytics). No advertising network receives data about your use of this Service.
6.3 Managing Cookies
You can configure your browser to block or delete cookies. However, blocking the strictly necessary cookies listed above will prevent the Service from authenticating your session and you will be unable to remain signed in.
7. Data Retention
We retain personal data only as long as necessary for the purposes described in this Policy. Our standard retention schedules are:
- Account profile data — retained for the duration of your active account, plus 90 days after you request deletion, to allow for recovery if deletion was accidental
- Project and engineering data — retained while your account is active; deleted within 30 days of account deletion or upon specific request
- Billing and payment records — retained for a minimum of 7 years from the date of the transaction, as required by applicable tax and financial recordkeeping laws
- Server log data — retained for up to 90 days for security monitoring, abuse detection, and debugging; older logs are purged on a rolling basis
- Support and communication records — retained for up to 3 years from the close of the support interaction to support quality assurance and dispute resolution
- Authentication audit logs — retained for up to 12 months to support security incident investigation
When data is no longer required, it is securely deleted or anonymized so that it can no longer be associated with an individual.
8. Data Security
We apply layered technical and organizational security controls to protect your data against unauthorized access, disclosure, alteration, or destruction. These include:
- Encryption in transit — all data transmitted between your browser and our servers is encrypted using HTTPS/TLS 1.2 or higher. HTTP requests are redirected to HTTPS.
- Encryption at rest — sensitive configuration and credential data is stored in environment variables, not in source code or version control
- Authentication security — user authentication is managed through Firebase Authentication, which provides industry-standard token-based session management, brute-force protection, and secure credential storage
- Access controls — platform access is gated by role-based access controls. Administrative functions are restricted to authorized personnel only. Production data access is limited to personnel with a documented operational need
- Security headers — our web server sets standard protective HTTP headers including Content-Security-Policy framing restrictions, X-Content-Type-Options, Strict-Transport-Security, and Referrer-Policy
- Input validation and rate limiting — all API endpoints implement input validation, output encoding, and rate limiting to mitigate injection, brute-force, and denial-of-service risks
- Dependency management — third-party libraries are sourced from trusted vendors and reviewed for known vulnerabilities
- Periodic security reviews — we conduct periodic reviews of our infrastructure, access logs, and application code to identify and remediate security issues
Despite these measures, no Internet-based system can guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and, where required, the relevant supervisory authority within the timeframes prescribed by applicable law.
If you discover a potential security vulnerability, please disclose it responsibly to security@bahniq.com. We will acknowledge your report promptly and work to address confirmed issues.
9. Your Rights and Choices
Depending on your location and applicable law, you may have the following rights regarding your personal data. We will honor valid requests regardless of whether a specific law requires it, as a matter of principle.
- Access — request a copy of the personal data we hold about you, including the categories of data, the purposes of processing, and the recipients with whom it has been shared
- Correction — request that inaccurate or incomplete data be corrected. You can update your name, email, and organization directly from the Account settings page
- Deletion ("right to be forgotten") — request deletion of your personal data. We will delete or anonymize your data within 30 days, subject to lawful retention obligations (such as financial records we are legally required to keep)
- Data portability — request a copy of your personal data in a structured, commonly used, machine-readable format (such as JSON or CSV) so you can transfer it to another service
- Objection — object to our processing of your data where that processing is based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests
- Restriction — request that we temporarily restrict processing of your data (for example, while you contest its accuracy or the lawfulness of our processing)
- Withdraw consent — where processing is based on your consent (such as marketing emails), you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal
- Non-discrimination — exercising any of these rights will not result in denial of service, different pricing, or any other adverse treatment
To exercise any of these rights, please email privacy@bahniq.com with sufficient information to verify your identity. We will respond within 30 days, and at no charge. If we are unable to fulfill your request, we will explain why.
10. California Privacy Rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you additional rights beyond those described above.
- Right to Know — you have the right to know what categories of personal information we have collected about you, the purposes for which it was collected, and whether it has been sold or disclosed for a business purpose
- Right to Delete — you have the right to request deletion of personal information we have collected from you, subject to certain exceptions
- Right to Correct — you have the right to request correction of inaccurate personal information we maintain about you
- Right to Opt-Out of Sale or Sharing — BahnIQ does not sell personal information, nor do we share it with third parties for cross-context behavioral advertising. You therefore have nothing to opt out of in this regard
- Right to Limit Use of Sensitive Personal Information — we do not collect or process sensitive personal information as defined by the CPRA beyond what is strictly necessary to provide the Service
To submit a verifiable consumer request under the CCPA/CPRA, contact us at privacy@bahniq.com. We will respond within 45 days as required by law.
11. Other US State Privacy Laws
In addition to California, several other US states have enacted comprehensive consumer privacy laws. The following provisions apply to residents of those states to the extent required by applicable law.
11.1 Virginia (VCDPA)
Virginia residents have rights under the Virginia Consumer Data Protection Act (VCDPA), including the right to access, correct, delete, and obtain a portable copy of personal data, the right to opt out of targeted advertising and the sale of personal data (neither of which BahnIQ engages in), and the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. To exercise these rights, contact privacy@bahniq.com. If we decline to act on your request, you may appeal that decision by contacting us with the subject line "VCDPA Appeal." If your appeal is denied, you may contact the Virginia Attorney General.
11.2 Colorado (CPA)
Colorado residents have rights under the Colorado Privacy Act (CPA), including the rights to access, correct, delete, and port personal data, and to opt out of targeted advertising, the sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects. BahnIQ does not engage in targeted advertising or the sale of personal data. To exercise your rights or to appeal a decision, contact privacy@bahniq.com. Unresolved appeals may be directed to the Colorado Attorney General.
11.3 Connecticut (CTDPA)
Connecticut residents have rights under the Connecticut Data Privacy Act (CTDPA) similar to those described for Virginia and Colorado, including access, correction, deletion, data portability, and opt-out rights. BahnIQ does not sell personal data or use it for targeted advertising. Appeals of denied requests may be submitted to us in writing, and unresolved complaints may be directed to the Connecticut Attorney General.
11.4 Texas (TDPSA)
Texas residents have rights under the Texas Data Privacy and Security Act (TDPSA), including rights to access, correct, delete, and obtain a portable copy of personal data. BahnIQ does not sell sensitive personal data or process personal data for targeted advertising. To exercise your rights, contact privacy@bahniq.com.
11.5 Other States
We extend the rights described in this Privacy Policy — including access, correction, deletion, portability, and the right to object — to all users regardless of location, as a matter of policy. Residents of states with additional statutory requirements should contact us and we will comply with applicable law. This Policy will be updated as additional state privacy laws take effect.
12. Children's Privacy
The Service is a professional engineering platform and is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe we have inadvertently collected information from a child under 18, please contact us at privacy@bahniq.com and we will delete it promptly.
13. International Data Transfers
BahnIQ is based in the United States. If you access the Service from outside the United States, your data may be transferred to, stored, and processed in the United States or other countries where our sub-processors maintain infrastructure.
For users in the EEA or United Kingdom, such transfers are subject to appropriate safeguards. Where we transfer personal data internationally, we rely on:
- Standard Contractual Clauses (SCCs) — approved by the European Commission under Article 46(2)(c) GDPR, incorporated into our agreements with sub-processors such as Google LLC (Firebase) and Stripe, Inc.
- Adequacy decisions — where the European Commission has recognized the destination country as providing an adequate level of protection
You may request a copy of the relevant transfer mechanisms by contacting privacy@bahniq.com.
14. Third-Party Links and Integrations
The Service may contain links to external websites, standards documents, government portals, or third-party tools. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy practices of any third-party site before providing personal information. We are not responsible for the content, privacy practices, or data handling of third-party websites.
15. Automated Decision-Making and Profiling
BahnIQ uses automated processing to generate engineering analyses, ranked improvement proposals, and compliance assessments. These outputs are analytical tools to assist professional judgment and do not constitute regulatory decisions, licensing determinations, or legally binding engineering opinions.
No automated decision-making produces legal or similarly significant effects on individuals within the meaning of Article 22 GDPR. All outputs require review and professional certification by a qualified engineer before use in any regulatory, procurement, or construction context.
BahnIQ does not build individual user profiles for the purpose of behavioral targeting, credit scoring, employment screening, or any other purpose that would produce legal or similarly significant effects on individuals. Usage analytics are aggregated at the organizational and platform level and are not used to make individualized determinations about users. You have the right to request human review of any decision made about your account access or service eligibility.
16. Do Not Track Signals
Some browsers and browser extensions transmit "Do Not Track" (DNT) signals to websites. Because BahnIQ does not engage in cross-site behavioral tracking, advertising networks, or third-party analytics that would be affected by DNT signals, we do not alter our data collection or use practices in response to DNT signals. Our data collection practices are limited to what is described in this Policy regardless of whether a DNT signal is present.
We support the Global Privacy Control (GPC) signal as a valid mechanism for California residents to exercise their right to opt out of the sale or sharing of personal data under the CPRA. Because we do not sell or share personal data for targeted advertising purposes, enabling GPC does not change our processing practices, but we record and honor the signal.
17. Data Minimization and Purpose Limitation
BahnIQ collects only the minimum personal data necessary to provide, operate, and improve the Service. We apply the following data minimization practices:
- Collection limitation — we do not collect data fields we do not need. Account registration requires only a name, work email, and password. We do not require phone numbers, physical addresses, or demographic information as a condition of service.
- Purpose limitation — data collected for one purpose is not repurposed for an incompatible use without your knowledge and, where required, your consent. Project and engineering data you submit is used solely to provide the analytical outputs you requested and is not used for any other commercial purpose.
- Storage limitation — data is retained only as long as necessary for the purpose for which it was collected, as described in Section 7 of this Policy. Automated purge schedules are applied to log data, session records, and deleted account data.
- No sale or monetization of user data — we do not monetize your personal data through advertising, data brokerage, or data licensing. Our revenue comes exclusively from subscription fees.
18. Records of Processing Activities
As required under Article 30 GDPR, BahnIQ maintains internal records of processing activities (ROPAs) documenting: the categories of personal data processed, the purposes and legal bases for each processing activity, the categories of data recipients and sub-processors, data transfer mechanisms for cross-border transfers, and applicable retention periods. These records are maintained by our legal and engineering teams and are available for inspection by competent supervisory authorities upon request.
A summary of our processing activities by category is as follows:
| Processing Activity | Legal Basis | Retention |
|---|---|---|
| Account registration and authentication | Contract performance | Duration of account + 90 days |
| Subscription billing and invoicing | Contract performance; legal obligation | 7 years |
| Engineering analysis and project storage | Contract performance | Duration of account; 30 days post-deletion |
| Server and security log collection | Legitimate interests | 90 days rolling |
| Support communications | Legitimate interests; contract performance | 3 years from close of interaction |
| Product usage analytics | Legitimate interests | Aggregated; individual records 12 months |
| Transactional email delivery | Contract performance | Per retention schedule above |
| Marketing communications | Consent | Until withdrawn or account closed |
19. Government and Institutional Users
Where BahnIQ is accessed by employees or contractors of state or local government agencies under an institutional subscription or enterprise agreement, data processing may be subject to additional terms negotiated in that agreement. In such cases, the institutional agreement governs to the extent of any conflict with this Policy. Government users should consult their agency's information governance policies before uploading sensitive or restricted transportation data to any cloud-based platform.
20. Data Breach Notification
In the event we discover a security incident that results in, or is likely to result in, unauthorized access to personal data, we will:
- Investigate and contain the incident promptly
- Notify affected users by email within 72 hours of confirming a material breach, where practicable
- Notify the relevant supervisory authority (where required under GDPR or other applicable law) within the legally mandated timeframe
- Provide details of the nature of the incident, the categories of data affected, and steps taken to mitigate harm
- Where required by state law (including California, Texas, Virginia, and others), notify residents and the relevant state attorney general or regulatory authority within the timeframe prescribed by applicable state breach notification law
Our incident response process includes: (a) immediate isolation of affected systems; (b) forensic investigation to determine the scope and root cause; (c) remediation of the vulnerability; (d) notification to affected parties as described above; and (e) post-incident review and documentation. We maintain an incident response plan that is reviewed and tested periodically.
21. Data Protection Officer and Supervisory Authority
BahnIQ has designated a privacy point of contact responsible for overseeing compliance with applicable data protection laws and responding to data subject inquiries. While BahnIQ may not be required under all applicable laws to appoint a formal Data Protection Officer (DPO), we have assigned internal privacy responsibilities to a qualified individual who can be reached at privacy@bahniq.com.
If you are located in the European Economic Area or United Kingdom and believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority in your member state or country of residence. A list of EEA supervisory authorities is available at edpb.europa.eu. For UK residents, the relevant authority is the Information Commissioner's Office (ICO) at ico.org.uk. We encourage you to contact us first so that we may attempt to resolve your concern directly before escalating to a supervisory authority.
22. Security Vulnerability Disclosure
BahnIQ supports responsible disclosure of security vulnerabilities. If you discover a potential vulnerability in the Service, we ask that you:
- Report it promptly to security@bahniq.com with a clear description of the issue and steps to reproduce it
- Allow us a reasonable period (typically 90 days) to investigate and remediate the issue before any public disclosure
- Not access, modify, delete, or exfiltrate data beyond what is necessary to demonstrate the vulnerability
- Not use the vulnerability to disrupt service availability or access other users' data
We will acknowledge receipt of your report within 5 business days, keep you informed of our investigation progress, and, where appropriate, credit you for responsible disclosure. We do not pursue legal action against researchers who discover and report vulnerabilities in good faith and in accordance with these guidelines.
23. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices, the Service, or applicable law. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Post a notice on the platform for at least 30 days
- Send an email notification to registered users for significant changes
Your continued use of the Service after the effective date of the revised Policy constitutes your acceptance of the changes. If you do not agree to the revised Policy, you should discontinue use of the Service and may request deletion of your account and data.
24. BahnIQ Rentals
BahnIQ Rentals is a separate consumer-facing sub-product available at rentals.bahniq.com. It allows users to search rental listings nationwide and set up email alerts for matching properties. The following additional privacy practices apply to users of BahnIQ Rentals.
24.1 Data Collected for Rentals Users
| Type | Details | When collected |
|---|---|---|
| Account information | Email address and account credentials | When you register for a Rentals account |
| Search filters | Location, price range, bedroom count, and other filter preferences you apply when browsing listings | When you interact with the search interface |
| Saved listings | Listing identifiers for properties you save or bookmark | When you save a listing |
| Alert preferences | Search criteria you configure for email alert subscriptions, including location, filters, and notification frequency | When you create or modify an alert |
24.2 Third-Party Services Used by BahnIQ Rentals
RentCast — listing data displayed in BahnIQ Rentals is fetched live from the RentCast API at the time of your search. Listing data is not stored permanently on BahnIQ servers; it is retrieved on demand and not retained after your session ends. RentCast's privacy policy governs how RentCast processes data on its end.
Stripe, Inc. — after the free trial period, payment for a Rentals subscription is processed by Stripe. Full card numbers are handled exclusively by Stripe and are never stored on BahnIQ servers. We retain only billing metadata (card type, last four digits, billing address, and subscription status) as described in Section 2.1.
24.3 Email Alerts
If you enable email alerts, your email address is stored solely for the purpose of delivering matching listing digest emails according to the criteria you set. You may modify or delete your alert preferences at any time from your account settings. Disabling an alert immediately stops further alert emails for that criteria.
24.4 Account Cancellation and Deletion
You may cancel your BahnIQ Rentals subscription and request deletion of your account at any time. Upon deletion: your email address, saved listings, and alert preferences will be permanently removed from our systems within 30 days. Billing records required by law are retained for the period described in Section 7. Cancellation of a Rentals subscription does not affect any separate BahnIQ platform account you may hold.
25. Contact Us
For privacy-related questions, data subject requests, or complaints about how we handle your personal data:
Privacy inquiries: privacy@bahniq.com
Security disclosures: security@bahniq.com
Legal and compliance: legal@bahniq.com
General support: support@bahniq.com
Website: bahniq.com
If you are located in the EEA and believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local data protection supervisory authority.